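#include <idc.idc>

// Re-run MakeCode at 4-byte-stepped addresses inside [sb, se) that IDA left
// undefined directly after an ARM "BL" instruction. Auto-analysis can stop
// after a BL (IDA may treat the callee as non-returning), which leaves the
// following instructions as raw bytes; this scan turns them back into code.
//
// Assumes little-endian 32-bit ARM: BL is encoded as "cond 1011 imm24", so
// the byte at a-1 is 0xEB (AL condition + 1011) and the byte at a-2 is the
// most significant byte of the 24-bit branch offset.
//
// sb, se : start (inclusive) and end (exclusive) of the range to scan.
//          The range is assumed to start on an instruction boundary.
// Prints every address it converts and the total count; returns nothing.
static findCode_fix(sb, se)
{
    auto a, opcode, dist, found;

    found = 0;
    for (a = sb; a < se; a = a + 4)
    {
        // Never read the two bytes before the requested range.
        if (a < sb + 2)
            continue;

        opcode = Byte(a - 1);   // 0xEB: "BL" with the always (AL) condition
        dist   = Byte(a - 2);   // most significant byte of imm24

        // Only addresses IDA has not yet typed (code/data) are candidates.
        if (opcode != 0xEB || !isUnknown(GetFlags(a)))
            continue;

        // Accept only a small forward (< 0x06xxxx) or small backward
        // (> 0xF8xxxx) offset; a huge branch distance is more likely to be
        // data that merely happens to end in 0xEB than a real BL.
        if ((dist > 0xf8) || (dist < 0x06))
        {
            Message("Jump (%x) found at %x\n", dist, a);
            MakeCode(a);
            found = found + 1;
        }
    }
    Message("Code found %d times\n", found);
}

// Entry point: seed code analysis at the lowest address of the database,
// then repair code that IDA dropped after BL instructions across the whole
// address space, and wait for auto-analysis to settle.
static main()
{
    auto sb, se;

    Message("*** START OF ANALYSIS ***\n");
    sb = MinEA();
    se = MaxEA();
    Message("Searching for code...\n");
    MakeCode(sb);   // seed analysis at the first address
    findCode_fix(sb, se);
    Message("Please wait...\n");
    Wait();         // let auto-analysis finish before reporting completion
    Message("*** END OF ANALYSIS ***\n");
}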